56 #include "core/mainloop/netstatus.h" 70 #include "core/or/edge_connection_st.h" 71 #include "core/or/or_circuit_st.h" 75 #ifdef HAVE_SYS_STAT_H 79 #include <event2/event.h> 80 #include <event2/dns.h> 84 #define RESOLVE_MAX_TIMEOUT 300 104 const char *hostname,
113 #ifdef DEBUG_DNS_CACHE 114 static void assert_cache_ok_(
void);
115 #define assert_cache_ok() assert_cache_ok_() 117 #define assert_cache_ok() STMT_NIL 125 static uint64_t n_ipv6_requests_made = 0;
127 static uint64_t n_ipv6_timeouts = 0;
129 static int dns_is_broken_for_ipv6 = 0;
142 static inline unsigned int 145 return (
unsigned) siphash24g((
const uint8_t*)a->
address, strlen(a->
address));
157 HT_INIT(cache_map, &cache_root);
165 static int all_down = 0;
168 get_options()->SafeLogging) {
169 log_info(LD_EXIT,
"eventdns: Resolve requested.");
174 if (!
strcmpstart(msg,
"Nameserver ") && (cp=strstr(msg,
" has failed: "))) {
175 char *ns = tor_strndup(msg+11, cp-(msg+11));
176 const char *colon = strchr(cp,
':');
178 const char *err = colon+2;
184 "NAMESERVER_STATUS NS=%s STATUS=DOWN ERR=%s",
188 (cp=strstr(msg,
" is back up"))) {
189 char *ns = tor_strndup(msg+11, cp-(msg+11));
193 "NAMESERVER_STATUS NS=%s STATUS=UP", ns);
195 }
else if (!strcmp(msg,
"All nameservers have failed")) {
198 }
else if (!
strcmpstart(msg,
"Address mismatch on received DNS")) {
199 static ratelim_t mismatch_limit = RATELIM_INIT(3600);
200 const char *src = strstr(msg,
" Apparent source");
201 if (!src || get_options()->SafeLogging) {
205 "eventdns: Received a DNS packet from " 206 "an IP address to which we did not send a request. This " 207 "could be a DNS spoofing attempt, or some kind of " 208 "misconfiguration.%s", src);
211 tor_log(severity, LD_EXIT,
"eventdns: %s", msg);
228 if (server_mode(get_options())) {
241 if (! server_mode(options)) {
244 if (!(
the_evdns_base = evdns_base_new(tor_libevent_get_base(), 0))) {
245 log_err(
LD_BUG,
"Couldn't create an evdns_base");
300 r->
magic = 0xFF00FF00;
311 if (a->
expire < b->expire)
313 else if (a->
expire == b->expire)
328 const char *answer_hostname,
331 if (query_type == DNS_PTR) {
335 if (dns_result == DNS_ERR_NONE && answer_hostname) {
336 resolve->result_ptr.hostname = tor_strdup(answer_hostname);
343 }
else if (query_type == DNS_IPv4_A) {
347 if (dns_result == DNS_ERR_NONE && answer_addr &&
356 }
else if (query_type == DNS_IPv6_AAAA) {
360 if (dns_result == DNS_ERR_NONE && answer_addr &&
391 resolve->
expire = expires;
411 for (ptr = HT_START(cache_map, &cache_root); ptr != NULL; ptr = next) {
413 next = HT_NEXT_RMV(cache_map, &cache_root, ptr);
416 HT_CLEAR(cache_map, &cache_root);
437 if (resolve->
expire > now)
445 "Expiring a dns resolve %s that's still pending. Forgot to " 446 "cull it? DNS resolve didn't tell us about the timeout?",
450 "Forgetting old cached resolve (address %s, expires %lu)",
452 (
unsigned long)resolve->
expire);
461 "Closing pending connections on timed-out DNS resolve!");
467 pendconn = pend->conn;
473 connection_free_(
TO_CONN(pendconn));
481 removed = HT_REMOVE(cache_map, &cache_root, resolve);
482 if (removed != resolve) {
483 log_err(
LD_BUG,
"The expired resolve we purged didn't match any in" 484 " the cache. Tried to purge %s (%p); instead got %s (%p).",
485 resolve->
address, (
void*)resolve,
486 removed ? removed->
address :
"NULL", (
void*)removed);
495 tor_free(resolve->result_ptr.hostname);
496 resolve->
magic = 0xF0BBF0BB;
505 #define RESOLVED_TYPE_AUTO 0xff 523 buf[0] = answer_type;
528 case RESOLVED_TYPE_AUTO:
530 cp[0] = RESOLVED_TYPE_IPV4;
538 cp[0] = RESOLVED_TYPE_IPV6;
540 memcpy(cp+2, bytes, 16);
548 answer_type = RESOLVED_TYPE_ERROR;
552 case RESOLVED_TYPE_ERROR_TRANSIENT:
553 case RESOLVED_TYPE_ERROR:
555 const char *errmsg =
"Error resolving hostname";
556 size_t msglen = strlen(errmsg);
558 buf[0] = answer_type;
560 strlcpy(buf+2, errmsg,
sizeof(buf)-2);
584 const char *hostname))
593 size_t namelen = strlen(hostname);
598 buf[0] = RESOLVED_TYPE_HOSTNAME;
599 buf[1] = (uint8_t)namelen;
600 memcpy(buf+2, hostname, namelen);
602 buflen = 2+namelen+4;
638 int made_connection_pending = 0;
639 char *hostname = NULL;
643 r = dns_resolve_impl(exitconn, is_resolve, oncirc, &hostname,
644 &made_connection_pending, &resolve);
653 send_resolved_hostname_cell(exitconn, hostname);
655 send_resolved_cell(exitconn, RESOLVED_TYPE_AUTO, resolve);
676 send_resolved_cell(exitconn,
677 (r == -1) ? RESOLVED_TYPE_ERROR : RESOLVED_TYPE_ERROR_TRANSIENT,
683 dns_cancel_pending_resolve(exitconn->base_.
address);
689 connection_free_(
TO_CONN(exitconn));
718 int *made_connection_pending_out,
726 time_t now = time(NULL);
732 *made_connection_pending_out = 0;
749 if (router_my_exit_policy_is_reject_star())
753 tor_log(LOG_PROTOCOL_WARN, LD_EXIT,
754 "Rejecting invalid destination address %s",
771 AF_UNSPEC, 0)) != 0) {
774 if (tor_addr_is_internal(&addr, 0))
778 if (!is_reverse || !is_resolve) {
780 log_info(LD_EXIT,
"Bad .in-addr.arpa address \"%s\"; sending error.",
782 else if (!is_resolve)
784 "Attempt to connect to a .in-addr.arpa address \"%s\"; " 797 resolve = HT_FIND(cache_map, &cache_root, &search);
798 if (resolve && resolve->
expire > now) {
799 switch (resolve->
state) {
802 pending_connection = tor_malloc_zero(
804 pending_connection->conn = exitconn;
807 *made_connection_pending_out = 1;
808 log_debug(LD_EXIT,
"Connection (fd "TOR_SOCKET_T_FORMAT
") waiting " 809 "for pending DNS resolve of %s", exitconn->base_.
s,
813 log_debug(LD_EXIT,
"Connection (fd "TOR_SOCKET_T_FORMAT
") found " 814 "cached answer for %s",
818 *resolve_out = resolve;
820 return set_exitconn_info_from_resolve(exitconn, resolve, hostname_out);
822 log_err(
LD_BUG,
"Found a 'DONE' dns resolve still in the cache.");
837 pending_connection->conn = exitconn;
839 *made_connection_pending_out = 1;
842 HT_INSERT(cache_map, &cache_root, resolve);
845 log_debug(LD_EXIT,
"Launching %s.",
849 return launch_resolve(resolve);
871 char **hostname_out))
873 int ipv4_ok, ipv6_ok, answer_with_ipv4, r;
874 uint32_t begincell_flags;
882 *hostname_out = tor_strdup(resolve->result_ptr.hostname);
894 begincell_flags = exitconn->begincell_flags;
901 get_options()->IPv6Exit;
904 if (ipv4_ok && ipv6_ok && is_resolve) {
905 answer_with_ipv4 = 1;
906 }
else if (ipv4_ok && ipv6_ok) {
908 const uint16_t port = exitconn->base_.
port;
909 int ipv4_allowed, ipv6_allowed;
915 if (ipv4_allowed && !ipv6_allowed) {
916 answer_with_ipv4 = 1;
917 }
else if (ipv6_allowed && !ipv4_allowed) {
918 answer_with_ipv4 = 0;
922 answer_with_ipv4 = !(begincell_flags &
928 answer_with_ipv4 = 1;
929 }
else if (ipv6_ok) {
930 answer_with_ipv4 = 0;
933 answer_with_ipv4 = !(begincell_flags &
940 if (answer_with_ipv4) {
974 resolve = HT_FIND(cache_map, &cache_root, &search);
982 HT_FOREACH(resolve, cache_map, &cache_root) {
983 for (pend = (*resolve)->pending_connections; pend; pend = pend->next) {
998 HT_FOREACH(resolve, cache_map, &cache_root) {
999 for (pend = (*resolve)->pending_connections;
1001 pend = pend->next) {
1023 resolve = HT_FIND(cache_map, &cache_root, &search);
1025 log_notice(
LD_BUG,
"Address %s is not pending. Dropping.",
1035 if (pend->conn == conn) {
1038 log_debug(LD_EXIT,
"First connection (fd "TOR_SOCKET_T_FORMAT
") no " 1039 "longer waiting for resolve of %s",
1044 for ( ; pend->next; pend = pend->next) {
1045 if (pend->next->conn == conn) {
1046 victim = pend->next;
1047 pend->next = victim->next;
1050 "Connection (fd "TOR_SOCKET_T_FORMAT
") no longer waiting " 1051 "for resolve of %s",
1056 log_warn(
LD_BUG,
"Connection (fd "TOR_SOCKET_T_FORMAT
") was not waiting " 1057 "for a resolve of %s, but we tried to remove it.",
1067 dns_cancel_pending_resolve,(
const char *address))
1077 resolve = HT_FIND(cache_map, &cache_root, &search);
1087 "Address %s is not pending but has pending connections!",
1096 "Address %s is pending but has no pending connections!",
1105 "Failing all connections waiting on DNS resolve of %s",
1110 pendconn = pend->conn;
1120 connection_free_(
TO_CONN(pendconn));
1125 tmp = HT_REMOVE(cache_map, &cache_root, resolve);
1126 if (tmp != resolve) {
1127 log_err(
LD_BUG,
"The cancelled resolve we purged didn't match any in" 1128 " the cache. Tried to purge %s (%p); instead got %s (%p).",
1129 resolve->
address, (
void*)resolve,
1130 tmp ? tmp->
address :
"NULL", (
void*)tmp);
1160 const char *hostname, uint32_t ttl)
1169 resolve = HT_FIND(cache_map, &cache_root, &search);
1173 log_info(LD_EXIT,
"Resolved unasked address %s; ignoring.",
1185 "Resolved %s which was already resolved; ignoring",
1191 cached_resolve_add_answer(resolve, query_type, dns_answer,
1192 addr, hostname, ttl);
1217 char *hostname = NULL;
1219 pendconn = pend->conn;
1231 r = set_exitconn_info_from_resolve(pendconn,
1243 send_resolved_cell(pendconn, r == -1 ?
1244 RESOLVED_TYPE_ERROR : RESOLVED_TYPE_ERROR_TRANSIENT,
1249 connection_free_(
TO_CONN(pendconn));
1272 send_resolved_hostname_cell(pendconn, hostname);
1274 send_resolved_cell(pendconn, RESOLVED_TYPE_AUTO, resolve);
1278 connection_free_(
TO_CONN(pendconn));
1299 removed = HT_REMOVE(cache_map, &cache_root, resolve);
1300 if (removed != resolve) {
1301 log_err(
LD_BUG,
"The pending resolve we found wasn't removable from" 1302 " the cache. Tried to purge %s (%p); instead got %s (%p).",
1303 resolve->
address, (
void*)resolve,
1304 removed ? removed->
address :
"NULL", (
void*)removed);
1315 uint32_t ttl = UINT32_MAX;
1318 new_resolve->result_ptr.hostname =
1319 tor_strdup(resolve->result_ptr.hostname);
1324 HT_INSERT(cache_map, &cache_root, new_resolve);
1354 case DNS_ERR_SERVERFAILED:
1355 case DNS_ERR_TRUNCATED:
1356 case DNS_ERR_TIMEOUT:
1372 #ifdef HAVE_EVDNS_BASE_GET_NAMESERVER_ADDR 1378 configured_nameserver_address(
const size_t idx)
1380 struct sockaddr_storage sa;
1381 ev_socklen_t sa_len =
sizeof(sa);
1384 (
struct sockaddr *)&sa,
1388 (
const struct sockaddr *)&sa,
1409 const char *conf_fname;
1412 options = get_options();
1416 conf_fname =
"/etc/resolv.conf";
1418 flags = DNS_OPTIONS_ALL;
1421 if (!(
the_evdns_base = evdns_base_new(tor_libevent_get_base(), 0))) {
1422 log_err(
LD_BUG,
"Couldn't create an evdns_base");
1429 log_debug(
LD_FS,
"stat()ing %s", conf_fname);
1430 int missing_resolv_conf = 0;
1434 log_warn(LD_EXIT,
"Unable to stat resolver configuration in '%s': %s",
1435 conf_fname, strerror(errno));
1436 missing_resolv_conf = 1;
1440 log_info(LD_EXIT,
"No change to '%s'", conf_fname);
1444 if (stat_res == 0 && st.st_size == 0)
1445 missing_resolv_conf = 1;
1451 #if defined(DNS_OPTION_HOSTSFILE) && defined(USE_LIBSECCOMP) 1452 if (flags & DNS_OPTION_HOSTSFILE) {
1453 flags ^= DNS_OPTION_HOSTSFILE;
1454 log_debug(
LD_FS,
"Loading /etc/hosts");
1460 if (!missing_resolv_conf) {
1461 log_info(LD_EXIT,
"Parsing resolver configuration in '%s'", conf_fname);
1464 log_warn(LD_EXIT,
"Unable to parse '%s', or no nameservers " 1465 "in '%s' (%d)", conf_fname, conf_fname, r);
1472 log_warn(LD_EXIT,
"Unable to find any nameservers in '%s'.",
1480 log_warn(LD_EXIT,
"Could not read your DNS config from '%s' - " 1481 "please investigate your DNS configuration. " 1482 "This is possibly a problem. Meanwhile, falling" 1483 " back to local DNS at 127.0.0.1.", conf_fname);
1497 log_warn(LD_EXIT,
"Could not config nameservers.");
1501 log_warn(LD_EXIT,
"Unable to find any platform nameservers in " 1502 "your Windows configuration.");
1512 #define SET(k,v) evdns_base_set_option(the_evdns_base, (k), (v)) 1522 SET(
"max-timeouts:",
"1000000");
1524 SET(
"max-timeouts:",
"10");
1533 SET(
"max-inflight:",
"8192");
1539 SET(
"timeout:",
"5");
1540 SET(
"attempts:",
"3");
1543 SET(
"randomize-case:",
"1");
1545 SET(
"randomize-case:",
"0");
1577 uint8_t orig_query_type = arg_[0];
1578 char *string_address = arg_ + 1;
1580 const char *hostname = NULL;
1581 int was_wildcarded = 0;
1586 if (type == DNS_IPv6_AAAA) {
1587 if (result == DNS_ERR_TIMEOUT) {
1591 if (n_ipv6_timeouts > 10 &&
1592 n_ipv6_timeouts > n_ipv6_requests_made / 2) {
1593 if (! dns_is_broken_for_ipv6) {
1594 log_notice(LD_EXIT,
"More than half of our IPv6 requests seem to " 1595 "have timed out. I'm going to assume I can't get AAAA " 1597 dns_is_broken_for_ipv6 = 1;
1602 if (result == DNS_ERR_NONE) {
1603 if (type == DNS_IPv4_A && count) {
1605 char *escaped_address;
1606 uint32_t *addrs = addresses;
1613 log_debug(LD_EXIT,
"eventdns said that %s resolves to ISP-hijacked " 1614 "address %s; treating as a failure.",
1615 safe_str(escaped_address),
1619 result = DNS_ERR_NOTEXIST;
1621 log_debug(LD_EXIT,
"eventdns said that %s resolves to %s",
1622 safe_str(escaped_address),
1626 }
else if (type == DNS_IPv6_AAAA && count) {
1628 char *escaped_address;
1629 struct in6_addr *addrs = addresses;
1631 tor_inet_ntop(AF_INET6, &addrs[0], answer_buf,
sizeof(answer_buf));
1635 log_debug(LD_EXIT,
"eventdns said that %s resolves to ISP-hijacked " 1636 "address %s; treating as a failure.",
1637 safe_str(escaped_address),
1641 result = DNS_ERR_NOTEXIST;
1643 log_debug(LD_EXIT,
"eventdns said that %s resolves to %s",
1644 safe_str(escaped_address),
1648 }
else if (type == DNS_PTR && count) {
1649 char *escaped_address;
1650 hostname = ((
char**)addresses)[0];
1652 log_debug(LD_EXIT,
"eventdns said that %s resolves to %s",
1653 safe_str(escaped_address),
1657 log_info(LD_EXIT,
"eventdns returned only unrecognized answer types " 1661 log_info(LD_EXIT,
"eventdns returned no addresses or error for %s.",
1665 if (was_wildcarded) {
1673 if (orig_query_type && type && orig_query_type != type) {
1674 log_warn(
LD_BUG,
"Weird; orig_query_type == %d but type == %d",
1675 (
int)orig_query_type, (
int)type);
1677 if (result != DNS_ERR_SHUTDOWN)
1679 result, &addr, hostname, ttl);
1691 const int options = get_options()->ServerDNSSearchDomains ? 0
1692 : DNS_QUERY_NO_SEARCH;
1693 const size_t addr_len = strlen(address);
1694 struct evdns_request *req = 0;
1695 char *addr = tor_malloc(addr_len + 2);
1696 addr[0] = (char) query_type;
1697 memcpy(addr+1, address, addr_len + 1);
1699 switch (query_type) {
1707 ++n_ipv6_requests_made;
1713 DNS_QUERY_NO_SEARCH,
1718 DNS_QUERY_NO_SEARCH,
1721 log_warn(
LD_BUG,
"Called with PTR query and unexpected address family");
1724 log_warn(
LD_BUG,
"Called with unexpectd query type %d", (
int)query_type);
1745 if (net_is_disabled())
1750 log_warn(LD_EXIT,
"(Harmless.) Nameservers not configured, but resolve " 1751 "launched. Configuring.");
1758 &a, resolve->
address, AF_UNSPEC, 0);
1762 log_info(LD_EXIT,
"Launching eventdns request for %s",
1765 if (get_options()->IPv6Exit)
1769 resolve->res_status_ipv4 = 0;
1773 if (r==0 && get_options()->IPv6Exit) {
1776 resolve->res_status_ipv6 = 0;
1780 }
else if (r == 1) {
1782 log_info(LD_EXIT,
"Launching eventdns reverse request for %s",
1786 resolve->res_status_hostname = 0;
1789 }
else if (r == -1) {
1790 log_warn(
LD_BUG,
"Somehow a malformed in-addr.arpa address reached here.");
1794 log_fn(LOG_PROTOCOL_WARN, LD_EXIT,
"eventdns rejected address %s.",
1839 ip = tor_malloc_zero(
sizeof(
int));
1848 "Your DNS provider has given \"%s\" as an answer for %d different " 1849 "invalid addresses. Apparently they are hijacking DNS failures. " 1850 "I'll try to correct for this by treating future occurrences of " 1851 "\"%s\" as 'not found'.",
id, *ip,
id);
1865 int n, n_test_addrs;
1873 n_test_addrs = get_options()->ServerDNSTestAddresses ?
1874 smartlist_len(get_options()->ServerDNSTestAddresses) : 0;
1878 if (n > n_test_addrs/2) {
1880 LD_EXIT,
"Your DNS provider tried to redirect \"%s\" to a junk " 1881 "address. It has done this with %d test addresses so far. I'm " 1882 "going to stop being an exit node for now, since our DNS seems so " 1883 "broken.", address, n);
1898 void *addresses,
void *arg)
1902 if (result == DNS_ERR_NONE && count) {
1903 char *string_address = arg;
1905 if (type == DNS_IPv4_A) {
1906 const uint32_t *addrs = addresses;
1907 for (i = 0; i < count; ++i) {
1910 in.s_addr = addrs[i];
1914 }
else if (type == DNS_IPv6_AAAA) {
1915 const struct in6_addr *addrs = addresses;
1916 for (i = 0; i < count; ++i) {
1918 tor_inet_ntop(AF_INET6, &addrs[i], answer_buf,
sizeof(answer_buf));
1924 "Your DNS provider gave an answer for \"%s\", which " 1925 "is not supposed to exist. Apparently they are hijacking " 1926 "DNS failures. Trying to correct for this. We've noticed %d " 1927 "possibly bad address%s so far.",
1943 struct evdns_request *req;
1946 log_info(LD_EXIT,
"Testing whether our DNS server is hijacking nonexistent " 1947 "domains with request for bogus hostname \"%s\"", addr);
1951 req = evdns_base_resolve_ipv6(
1958 req = evdns_base_resolve_ipv4(
1980 if (net_is_disabled())
1983 log_info(LD_EXIT,
"Launching checks to see whether our nameservers like to " 1984 "hijack *everything*.");
1992 const char *, address) {
1994 log_info(LD_EXIT,
"eventdns rejected test address %s",
1999 log_info(LD_EXIT,
"eventdns rejected test address %s",
2002 } SMARTLIST_FOREACH_END(address);
2006 #define N_WILDCARD_CHECKS 2 2016 log_info(LD_EXIT,
"Launching checks to see whether our nameservers like " 2017 "to hijack DNS failures.");
2018 for (ipv6 = 0; ipv6 <= 1; ++ipv6) {
2019 for (i = 0; i < N_WILDCARD_CHECKS; ++i) {
2046 static struct event *launch_event = NULL;
2048 if (!get_options()->ServerDNSDetectHijacking)
2055 launch_event = tor_evtimer_new(tor_libevent_get_base(),
2057 timeout.tv_sec = 30;
2058 timeout.tv_usec = 0;
2059 if (evtimer_add(launch_event, &timeout)<0) {
2060 log_warn(
LD_BUG,
"Couldn't add timer for checking for dns hijacking");
2075 return dns_is_broken_for_ipv6;
2087 n_ipv6_requests_made = n_ipv6_timeouts = 0;
2100 dns_is_broken_for_ipv6 = 0;
2126 if (resolve->is_reverse)
2139 return HT_SIZE(&cache_root);
2144 dns_cache_total_allocation(
void)
2147 HT_MEM_USAGE(&cache_root);
2156 size_t hash_mem = dns_cache_total_allocation();
2161 tor_log(severity,
LD_MM,
"Our DNS cache has %d entries.", hash_count);
2162 tor_log(severity,
LD_MM,
"Our DNS cache size is approximately %u bytes.",
2163 (
unsigned)hash_mem);
2170 dns_cache_handle_oom(time_t now,
size_t min_remove_bytes)
2172 time_t time_inc = 0;
2173 size_t total_bytes_removed = 0;
2174 size_t current_size = dns_cache_total_allocation();
2182 time_t cutoff = now + time_inc;
2186 size_t bytes_removed = current_size - dns_cache_total_allocation();
2187 current_size -= bytes_removed;
2188 total_bytes_removed += bytes_removed;
2192 }
while (total_bytes_removed < min_remove_bytes);
2194 return total_bytes_removed;
2197 #ifdef DEBUG_DNS_CACHE 2200 assert_cache_ok_(
void)
2203 int bad_rep = HT_REP_IS_BAD_(cache_map, &cache_root);
2205 log_err(
LD_BUG,
"Bad rep type %d on dns cache hash table", bad_rep);
2209 HT_FOREACH(resolve, cache_map, &cache_root) {
2223 cached_resolve_t *found = HT_FIND(cache_map, &cache_root, res);
2224 tor_assert(!found || found != res);
2226 cached_resolve_t *found = HT_FIND(cache_map, &cache_root, res);
2237 return HT_FIND(cache_map, &cache_root, query);
2243 HT_INSERT(cache_map, &cache_root, new_entry);
#define RELAY_PAYLOAD_SIZE
static void evdns_callback(int result, char type, int count, int ttl, void *addresses, void *arg)
void tor_addr_from_ipv4n(tor_addr_t *dest, uint32_t v4addr)
#define BEGIN_FLAG_IPV6_PREFERRED
const char * tor_addr_to_str(char *dest, const tor_addr_t *addr, size_t len, int decorate)
static int dns_cache_entry_count(void)
unsigned int is_reverse_dns_lookup
Common functions for using (pseudo-)random number generators.
#define MIN_DNS_TTL_AT_EXIT
static void dns_launch_wildcard_checks(void)
void assert_connection_edge_not_dns_pending(edge_connection_t *conn)
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
void tor_addr_make_unspec(tor_addr_t *a)
const char * escaped_safe_str(const char *address)
#define RES_STATUS_DONE_OK
void connection_dns_remove(edge_connection_t *conn)
MOCK_IMPL(STATIC void, send_resolved_cell,(edge_connection_t *conn, uint8_t answer_type, const cached_resolve_t *resolved))
static int cached_resolve_have_all_answers(const cached_resolve_t *resolve)
#define EXIT_PURPOSE_CONNECT
static int evdns_err_is_transient(int err)
#define RESOLVE_MAX_TIMEOUT
#define EXIT_CONN_STATE_RESOLVING
Header file for connection.c.
#define EXIT_CONN_STATE_RESOLVEFAILED
void smartlist_add_strdup(struct smartlist_t *sl, const char *string)
int tor_addr_parse_PTR_name(tor_addr_t *result, const char *address, int family, int accept_regular)
static strmap_t * dns_wildcard_response_count
static time_t resolv_conf_mtime
#define CIRCUIT_IS_ORIGIN(c)
static int launch_one_resolve(const char *address, uint8_t query_type, const tor_addr_t *ptr_address)
#define MAX_DNS_TTL_AT_EXIT
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
#define RES_STATUS_DONE_ERR
static int dns_wildcarded_test_address_notice_given
static void set_expiry(cached_resolve_t *resolve, time_t expires)
void smartlist_pqueue_add(smartlist_t *sl, int(*compare)(const void *a, const void *b), int idx_field_offset, void *item)
Header file for config.c.
static int dns_wildcard_notice_given
static int configure_nameservers(int force)
static uint32_t tor_addr_to_ipv4h(const tor_addr_t *a)
int strcmpstart(const char *s1, const char *s2)
static void inform_pending_connections(cached_resolve_t *resolve)
#define tor_fragile_assert()
int dns_seems_to_be_broken_for_ipv6(void)
static void wildcard_increment_answer(const char *id)
Header file for mainloop.c.
#define INET_NTOA_BUF_LEN
#define EXIT_PURPOSE_RESOLVE
void dns_reset_correctness_checks(void)
static void make_pending_resolve_cached(cached_resolve_t *cached)
void * tor_reallocarray_(void *ptr, size_t sz1, size_t sz2)
#define sandbox_intern_string(s)
static int dns_wildcard_one_notice_given
int connection_edge_send_command(edge_connection_t *fromconn, uint8_t relay_command, const char *payload, size_t payload_len)
const char * tor_inet_ntop(int af, const void *src, char *dst, size_t len)
static void set_uint32(void *cp, uint32_t v)
void assert_all_pending_dns_resolves_ok(void)
static void launch_wildcard_check(int min_len, int max_len, int is_ipv6, const char *suffix)
char * ServerDNSResolvConfFile
union cached_resolve_t::@19 result_ipv4
static const struct in_addr * tor_addr_to_in(const tor_addr_t *a)
#define RES_STATUS_INFLIGHT
uint32_t dns_clip_ttl(uint32_t ttl)
Header file for policies.c.
void smartlist_pqueue_assert_ok(smartlist_t *sl, int(*compare)(const void *a, const void *b), int idx_field_offset)
edge_connection_t * n_streams
int address_is_invalid_destination(const char *address, int client)
#define tor_addr_from_ipv4h(dest, v4addr)
Header file for routermode.c.
int has_dns_init_failed(void)
static smartlist_t * dns_wildcard_list
static smartlist_t * cached_resolve_pqueue
Header file for sandbox.c.
int smartlist_contains_string_case(const smartlist_t *sl, const char *element)
void * smartlist_pqueue_pop(smartlist_t *sl, int(*compare)(const void *a, const void *b), int idx_field_offset)
static void dns_randfn_(char *b, size_t n)
static int n_wildcard_requests
static HT_HEAD(cache_map, cached_resolve_t)
Master header file for Tor-specific functionality.
#define CACHED_RESOLVE_MAGIC
#define BEGIN_FLAG_IPV4_NOT_OK
char address[MAX_ADDRESSLEN]
int tor_addr_parse(tor_addr_t *addr, const char *src)
uint16_t marked_for_close
int dns_resolve(edge_connection_t *exitconn)
void dns_servers_relaunch_checks(void)
#define log_fn_ratelim(ratelim, severity, domain, args,...)
Header file for circuituse.c.
static void dns_found_answer(const char *address, uint8_t query_type, int dns_answer, const tor_addr_t *addr, const char *hostname, uint32_t ttl)
void tor_free_(void *mem)
int connection_in_array(connection_t *conn)
void tor_strlower(char *s)
void mark_my_descriptor_dirty(const char *reason)
static unsigned int cached_resolve_hash(cached_resolve_t *a)
Header file for circuitlist.c.
int dns_seems_to_be_broken(void)
size_t number_of_configured_nameservers(void)
#define CACHE_STATE_CACHED
static void evdns_wildcard_check_callback(int result, char type, int count, int ttl, void *addresses, void *arg)
static void launch_test_addresses(evutil_socket_t fd, short event, void *args)
static int answer_is_wildcarded(const char *ip)
HT_PROTOTYPE(HT_GENERATE2(cache_map, HT_GENERATE2(cached_resolve_t, HT_GENERATE2(node, HT_GENERATE2(cached_resolve_hash, HT_GENERATE2(cached_resolves_eq)
int tor_strisnonupper(const char *s)
Header file for connection_edge.c.
int smartlist_contains_string(const smartlist_t *sl, const char *element)
void assert_connection_ok(connection_t *conn, time_t now)
int router_compare_to_my_exit_policy(const tor_addr_t *addr, uint16_t port)
struct smartlist_t * ServerDNSTestAddresses
#define CACHE_STATE_PENDING
void connection_exit_connect(edge_connection_t *edge_conn)
void tor_addr_from_in6(tor_addr_t *dest, const struct in6_addr *in6)
#define SMARTLIST_FOREACH(sl, type, var, cmd)
Header file for router.c.
const char * escaped(const char *s)
static void evdns_log_cb(int warn, const char *msg)
static smartlist_t * dns_wildcarded_test_address_list
edge_connection_t * resolving_streams
static const struct in6_addr * tor_addr_to_in6(const tor_addr_t *a)
static int dns_is_completely_invalid
#define log_fn(severity, domain, args,...)
static char * resolv_conf_fname
static int nameserver_config_failed
void dump_dns_mem_usage(int severity)
or_circuit_t * TO_OR_CIRCUIT(circuit_t *x)
int connection_edge_end(edge_connection_t *conn, uint8_t reason)
int tor_inet_ntoa(const struct in_addr *in, char *buf, size_t buf_len)
struct in6_addr addr_ipv6
union cached_resolve_t::@20 result_ipv6
static int is_test_address(const char *address)
static int compare_cached_resolves_by_expiry_(const void *_a, const void *_b)
circuit_t * circuit_get_by_edge_conn(edge_connection_t *conn)
struct circuit_t * on_circuit
int control_event_server_status(int severity, const char *format,...)
int ServerDNSRandomizeCase
char * esc_for_log(const char *s)
static void purge_expired_resolves(time_t now)
void circuit_detach_stream(circuit_t *circ, edge_connection_t *conn)
struct edge_connection_t * next_stream
Header for compat_libevent.c.
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
#define BEGIN_FLAG_IPV6_OK
Header file for control_events.c.
static void add_wildcarded_test_address(const char *address)
void smartlist_clear(smartlist_t *sl)
static int nameservers_configured
static void free_cached_resolve_(cached_resolve_t *r)
int tor_addr_from_sockaddr(tor_addr_t *a, const struct sockaddr *sa, uint16_t *port_out)
char * crypto_random_hostname(int min_rand_len, int max_rand_len, const char *prefix, const char *suffix)
static void assert_resolve_ok(cached_resolve_t *resolve)
static struct evdns_base * the_evdns_base
pending_connection_t * pending_connections
#define EXIT_CONN_STATE_CONNECTING
void dns_launch_correctness_checks(void)
static sa_family_t tor_addr_family(const tor_addr_t *a)
